In the Spybot-S&D forum and others, there is a 15-minute time frame to edit one's post. It lessens the chance of an answer referring to things the original poster has deleted.

As the RootAlyzer is an analyst tool and not a scan and fix program, it would be helpful if you provide the following information.

The operating system

Security programs installed

Reason for running a rootkit scan

Using peer-to-peer (P2P) file sharing clients?

Farbar Recovery Scan Tool (FRST) shows in the log; what was this tool used for, please?

Last but not least, how is the computer running?

Best regards.

Hello,
Sorry, I thought I had added that info, maybe it got lost during the initial edit. Here it goes again:

It's Win7x64 Ult, 7.3 experience index, with the processor being the 7.3 bottleneck. Memory is 7.5, the rest is 7.7.

I have Spybot S&D and Malwarebytes, which is all I have been using, and all I have running now.

I ran a rootkit scan to keep up on security.

I don't use a peer-to-peer client.

In the past, several months ago, I used HitmanPro, FRST (if I recall correctly), JRT, AdwCleaner, RogueKiller, RKill, and iexplore (to kill any dangerous programs first, so I can safely run scans). I had also run ESET at that time. I had been getting what seemed to be malicious network traffic, and constant supersloooowwwwww performance, if not a dead standstill a lot of the time. I had Comodo internet firewall, and in the end, by removing that, a lot of the problems went away.

Months later, I have been getting the slow performance again, with 2 or 3 instances of Chrome users running, one user with two browser instances running, one of which has about 30 tabs open, and a couple each on the others. (I use multiple users: 1 for development, 1 for audio music or news, and 1 for personal, for separation of concerns and better organization.)

So with all my software development tabs open, things seemed to come to a standstill at some random point, right when I opened a new tab and that page got stuck on loading. Then I had a YouTube ad blocker plugin go unresponsive, so I disabled that, but a day later, yesterday, without that plugin enabled, I was getting the same issues.

I have recently installed a program that I really want to keep, it's RandomPhotoScreensaver rps4.5.10.1.exe, and it's possible this is causing the latest issue. With this one, it seems sometimes when I come back to my computer, when I resume desktop usage after it has run, it doesn't seem to close all the way. However, from what I remember, that was because opening that browser tab caused me to walk away.

During these times, I wasn't even able to open perfmon until walking away, coming back in the morning, and doing some random operation still in the slowness, when the perfmon UAC finally popped up, wow.... So then, when looking at perfmon, Chrome is the one taking up the most memory. Memory usage at the time is about 9 out of 12GB, and for the CPU I see some redline, which means a process is not responding. The CPU performance is only about 30% at the time, but the CPU queuing is sometimes near 100%, and the redlines are in the 20-30% range, but I didn't notice which program was causing it; I thought maybe Chrome.

See redline example taskman-perf-redline.JPG. However, things are running fine; I actually didn't expect to see that, and am not used to seeing that either.

Here is the resource monitor now, when things are running smoothly (taken 2 mins after the former screenshot, just now): resmon-perf1.jpg

I noticed in the previous screenshot that the CPU area was not scrolled correctly; here is that info: resmon-perf2.jpg

By the way, I just noticed an entry in there called

xvpnd.exe

I had subscribed to ExpressVPN recently so I can use P2P, but there was a payment problem, so it only worked for a few hours (the VPN connection), but I let it cancel because I think I found a better company anyway, that I haven't signed up for yet. I can see how that may be causing network adapter issues. I uninstalled that just now.

Where did you download this from, please?
Downloads\Net Nanny 6.31+serial\SETUP.EXE

Best regards.

I keep downloads all the way back to 1998. This is a new operating system; the stuff from 2016 was from a previous installation of Windows. That directory you're seeing references to is an archive.

As far as the Net Nanny, I'm not sure where I got that, but it's not installed, and is also from 2016. I only keep the downloads, not their sources.

Do you see a problem related to any of those?

And also, I guess the main question: based on the logs, how would I use the rootkit search to find something that may be actively being used on boot? I think that's what I'm aiming for, as opposed to removing any unsafe downloads from years past that aren't installed.